Quote:
Originally Posted by ladida
because it doesn't tell you anything other then breached/not breached.
|
It tells you exactly which breach(es) the email address appears in with a background story of each breach and what details were compromised in that breach.
For all my email addresses all the breaches listed are services that I actually used that email address for. It is 100% accurate, not something random as it also includes smaller breaches for lesser known services that I used.
Basically all this tool does is match the email address you enter against all the breached databases and tells you if it appears in one or more of them and tells you which one(s).
Then they have an additional service where you can sign up for automatic warnings for new breaches, where when there is a new breach it matches the subscribers to the email addresses in that breach and emails you if it found your email address in it.
They also allow you to opt-out for breaches appearing when searching for your email address. So when someone searches for your email address it will return it was not pwned. This does not remove your email address from the databases, it just sets a flag that when that email address should return no results.
That's all there is to it. It's a very basic lookup tool and notification service that is made to help people be more secure. People thinking otherwise really have no idea what they are talking about. Do you think if there was any doubt about this all the big security research sites and major news publications would constantly link to the site.